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DETAILED ACTION 

1. Claims 1-37 are pending. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 

2. Claims 13-20 are rejected under 35 U.S.C. 101 because the claims are 
directed towards nonstatutory subject matter in the form of a computer program that is 
not claimed as embodied on a computer readable medium and executed by a computer 
system. The cited claims are an example of functional descriptive material consisting of 
data structures and programs that impart functionality when employed as executed by a 
computer component. The functionality of functional descriptive material is realized only 
when the functional descriptive material is claimed as being embodied on a computer 
readable medium and is claimed as executed by a computer component. The cited 
claims provide no tangible computer components that work in conjunction with the 
functional descriptive material to impart functionality and as a result the claims are not 
statutory because they fail the practical application requirement of § 101 by failing to 
provide a useful, concrete, and tangible result (see MPEP 2106). 
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Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Claims 4-6, 8, 18, 22, 26, 28 are rejected under 35 U.S.C. 112, second 
paragraph, as being indefinite for failing to particularly point out and distinctly claim the 
subject matter which applicant regards as the invention. 

4. With regards to claim 4-6, 18, 22, 28, the limitation "measuring a system" is 
unclear because it is unclear what aspect of the system is being measured and what the 
system is. 

5. With regards to claims 8, 26, the claims define that the at least one key is 
comprised of two keys. It is unclear how a single key can be both a private key and a 
public key in a situation where there is only one key. 

Claim Rejections - 35 USC § 102 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 
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6. Claims 31-32 are rejected under 35 U.S.C. 102(e) as being anticipated by 
Challener US Patent No. 7,095,859. 

7. With regards to claim 31 , Challener teaches the act of initializing the security 
modules in a system so that the security module has at least one common key with 
another security module (Challener, column 4 lines 55-65, migrating private key from 
one machine to another). 

8. With regards to claims 32, Challener teaches the security module comprises a 
trusted platform module (Challener, column 4 lines 12-67, client TPM 22 and server 
TPM processor 44). 

Claim Rejections - 35 USC § 103 



The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

9. Claims 1-5, 7-30, 33-34, 36-37 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Challener US Patent No. 7,095,859 in view of Williams US Patent 
No. 5,559,883. 

10. With regards to claims 1, 13, 21, Challener teaches a method of initializing a 
security module (Challener, column 4 lines 55-65, key is generated or received in order 
to allow use) the method comprising the acts of generating at least one key if the 
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security module is the controlling security module (Challener, column 4 lines 55-65, 
client or server generates the private key) and receiving at least one key from another 
security module if the security module is the subordinate security module (Challener, 
column 4 line 60 - column 5 line 6, private key is migrated to other machine). Challener 
fails to specifically disclose a step of determining whether the security module is a 
controlling module or a subordinate security module. However, Williams teaches 
determining whether the security module is a controlling module or a subordinate 
security module (Williams, column 11 lines 15-65, management module detects failure 
of the primary security module). At the time the invention was made, it would have 
been obvious to a person of ordinary skill in the art to utilize William's method of 
determining whether there a module is controlling or subordinate because it offers the 
advantage of ensuring that a primary module is always available and that a module 
failure will not stop system operation (Williams, column 1 1 lines 44-53). 

1 1 . With regards to claim 2, Challener as modified teaches the act of initializing the 
security modules in a system so that the security module has at least one common key 
with another security module (Challener, column 4 lines 55-65, migrating private key 
from one machine to another). 

12. With regards to claims 3, 14, 24, 37, Challener as modified teaches the security 
module comprises a trusted platform module (Challener, column 4 lines 12-67, client 
TPM 22 and server TPM processor 44). 
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13. With regards to claim 4, Challener as modified teaches measuring a system 
once the at least one key is generated (Williams, column 1 1 lines 34-44, measures a 
time window to determine if failure occurred). 

14. With regards to claims 5, 18, 22, 28, Challener as modified teaches the security 
module measuring a system once the at least one key is generated (Williams, column 

1 1 lines 34-44, measures a time window to determine if failure occurred). 

15. With regards to claims 7, 16, 25, Challener as modified teaches the at least 
one key comprising an endorsement key (Challener, column 4 lines 55-65, private key). 

1 6. With regards to claims 8, 26, Challener as modified teaches the at least one 
key comprising a private key and a public key (Challener, column 4 lines 55-67, private 
key and non-migratable public key). 

17. With regards to claims 9, 19, 29, Challener as modified teaches the act of 
accessing a lock bit to determine if the security module is the controlling security 
module or the subordinate security module (Williams, column 1 1 lines 40-45, status 
flag). 

18. With regards to claim 10, Challener as modified teaches the lock bit being a 
setting within the memory of the system (Williams, column 1 1 lines 40-45, status flag 
stored at port). 

19. With regards to claims 11, 20, Challener as modified teaches accessing the 
lock bit via a bus coupled to the security module and the memory or via a bus and an 
input/output controller coupled between the security module and the memory (Williams, 
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column 11 lines 43-53, management module accesses the port, Challener, column 4 
lines 5-11). 

20. With regards to claim 12, Challener as modified teaches the act of determining 
if the security module in the system is initialized (Challener, column 5 lines 6-21, queries 
to determine if private key is stored). 

21 . With regards to claim 1 5, Challener as modified teaches the act of determining 
if the security module has undergone TPM initialization (Challener, column 5 lines 6-21, 
queries to determine if private key is stored). 

22. With regards to claim 17, Challener as modified teaches the at least one key 
comprising a private key (Challener, column 4 lines 55-67, private key). 

23. With regards to claims 23, 36, Challener and Williams teach everything 
described above with regards to claim 1 and further teach a processor (Challener, 
column 3 lines 55-60, cpu), a hard disk operatively coupled to the processor and 
configured to store data for the processor (Challener, column 3 lines 55-60, hard disk), 
a memory operatively coupled to the processor and configured to store data retrieved 
from the hard disk for use by the processor (Challener, column 3 lines 55-60, computers 
with CPUs have attached RAM to stored data retrieved from a hard disk) and a first 
security module and a second security module each operatively coupled to the 
processor and the memory (Challener, column 3 line 55 - column 4 line 12, TPM, 
Williams, column 11 lines 15-60, multiple security modules). Examiner further contends 
that video controllers operatively coupled to the processor and configured to produce a 
display signal are well known in the art and it would have been obvious to one of 
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ordinary skill in the art to incorporate a video controller to allow a user to utilize the 
system using graphical user interfaces. 

24. With regards to claim 27, Challener as modified teaches the first and second 
security modules are each adapted to determine if that security module has undergone 
TPM initialization (Challener, column 5 lines 6-21 , queries to determine if private key is 
stored). 

25. With regards to claims 30, 34, Challener as modified teaches the memory and 
the first security module are connected together on a bus and communicate through a 
bridge with the processor (Williams, column 11 lines 43-53, management module 
accesses the port, Challener, column 4 lines 5-11). 

26. With regards to claims 33, Challener fails to teach accessing a lock bit in a 
memory by each of the plurality of security modules if the security module has not been 
initialized. However, Williams teaches accessing a lock bit in a memory by each of the 
plurality of security modules if the security module has not been initialized (Williams, 
column 11 lines 17-45, configuration parameters, standby modules stay on standby until 
designated as primary module by management module). At the time the invention was 
made, it would have been obvious to a person of ordinary skill in the art to utilize 
William's method of determining whether there a module is controlling or subordinate 
because it offers the advantage of ensuring that a primary module is always available 
and that a module failure will not stop system operation (Williams, column 1 1 lines 44- 
53). 
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27. Claim 35 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
Challener US Patent No. 7,095,859 in view of Zinsky et al US Patent No. 6,480,097. 

28. With regards to claim 35, Challener teaches a plurality of security modules 
(Challener, column 4 line 60 - column 5 line 6), but fails to teach booting the computer 
system once the security module is initialized. However, Zinsky teaches booting the 
computer system once the security module is initialized (Zinsky, column 12 lines 8-25, 
security device is initialized, computer beings the boot up process). At the time the 
invention was made, it would have been obvious to a person of ordinary skill in the art to 
utilize Zinsky's method of booting up because it offers the advantage of providing 
enhanced security by ensuring protection of system resources (Zinsky, column 2 lines 
13-26). 

Allowable Subject Matter 

29. Claim 6 is objected to as being dependent upon a rejected base claim, but would 
be allowable if rewritten in independent form including all of the limitations of the base 
claim and any intervening claims. 

The following is a statement of reasons for the indication of allowable subject 
matter: The cited prior art fails to teach or suggest the act of copying the measurement 
of the system into the subordinate security module. As a result, the cited prior art fails 
to anticipate or render obvious the above cited claim. 
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Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. 

30. Brickell US PGPub 2004/0205341 discloses a method of establishing trust 
without revealing identity. 

31. Tsosie US PGPub 2004/0181327 discloses a vehicle security system with an 
automatic control system. 

32. Grawrock US Patent No. 6,948,065 discloses a platform and method for securely 
transmitting an authorization secret. 

33. Arnold et al US PGPub 2003/0177401 discloses a system for using a unique 
identifier for encryption key derivation. 

34. Weaver III et al US Patent No. 7,069,449 discloses a method for encrypting and 
storing content to a user. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Andrew L. Nalven whose telephone number is 571 272 
3839. The examiner can normally be reached on Monday - Thursday 8-6, Alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kambiz Zand can be reached on 571 272 381 1 . The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




